ohcnetwork · vigneshhari · Mar 4, 2024 · Nov 8, 2023 · Nov 8, 2023 · Nov 14, 2023
diff --git a/care/facility/api/viewsets/prescription.py b/care/facility/api/viewsets/prescription.py
@@ -2,6 +2,7 @@
 from django.utils import timezone
 from django_filters import rest_framework as filters
 from drf_spectacular.utils import extend_schema
+from dry_rest_permissions.generics import DRYPermissions
 from redis_om import FindQuery
 from rest_framework import mixins, status
 from rest_framework.decorators import action
@@ -50,7 +51,7 @@ class MedicineAdministrationViewSet(
     mixins.ListModelMixin, mixins.RetrieveModelMixin, GenericViewSet
 ):
     serializer_class = MedicineAdministrationSerializer
-    permission_classes = (IsAuthenticated,)
+    permission_classes = (IsAuthenticated, DRYPermissions)
     queryset = MedicineAdministration.objects.all().order_by("-created_date")
     lookup_field = "external_id"
     filter_backends = (filters.DjangoFilterBackend,)
@@ -94,7 +95,7 @@ class ConsultationPrescriptionViewSet(
     GenericViewSet,
 ):
     serializer_class = PrescriptionSerializer
-    permission_classes = (IsAuthenticated,)
+    permission_classes = (IsAuthenticated, DRYPermissions)
     queryset = Prescription.objects.all().order_by("-created_date")
     lookup_field = "external_id"
     filter_backends = (filters.DjangoFilterBackend,)

diff --git a/care/facility/models/prescription.py b/care/facility/models/prescription.py
@@ -5,6 +5,9 @@
 from django.db.models import JSONField
 from django.utils import timezone
 
+from care.facility.models.mixins.permissions.patient import (
+    ConsultationRelatedPermissionMixin,
+)
 from care.facility.models.patient_consultation import PatientConsultation
 from care.utils.models.base import BaseModel
 from care.utils.models.validators import dosage_validator
@@ -73,7 +76,7 @@
         return " - ".join(filter(None, [self.name, self.generic, self.company]))
 
 
-class Prescription(BaseModel):
+class Prescription(BaseModel, ConsultationRelatedPermissionMixin):
     consultation = models.ForeignKey(
         PatientConsultation,
         on_delete=models.PROTECT,
@@ -148,11 +151,14 @@
     def medicine_name(self):
         return str(self.medicine) if self.medicine else self.medicine_old
 
+    def has_object_write_permission(self, request):
+        return ConsultationRelatedPermissionMixin.has_write_permission(request)
+
     def __str__(self):
         return self.medicine + " - " + self.consultation.patient.name
 
 
-class MedicineAdministration(BaseModel):
+class MedicineAdministration(BaseModel, ConsultationRelatedPermissionMixin):
     prescription = models.ForeignKey(
         Prescription,
         on_delete=models.PROTECT,
@@ -181,6 +187,12 @@
             + self.prescription.consultation.patient.name
         )
 
+    def get_related_consultation(self):
+        return self.prescription.consultation
+
+    def has_object_write_permission(self, request):
+        return ConsultationRelatedPermissionMixin.has_write_permission(request)
+
     def validate(self) -> None:
         if self.prescription.discontinued:
             raise ValidationError(

diff --git a/care/abdm/api/viewsets/auth.py b/care/abdm/api/viewsets/auth.py
        try:
            AbdmGateway().init(data["resp"]["requestId"])
        except Exception as e:
            logger.warning(
                f"Error: OnFetchView::post failed while initialising ABDM Gateway, Reason: {e}",
                exc_info=True,
            )
            return Response(
                {"detail": "Error: Initialising ABDM Gateway failed."},
                status=status.HTTP_400_BAD_REQUEST,
            )
                }
            )
        except Exception as e:
            logger.warning(
                f"Error: RequestDataView::post failed to notify (health-information/notify). Reason: {e}",
                exc_info=True,
            )
diff --git a/care/abdm/api/viewsets/health_facility.py b/care/abdm/api/viewsets/health_facility.py
    if health_facility.registered:
        return [True, None]

    clean_facility_name = re.sub(r"[^A-Za-z0-9 ]+", " ", health_facility.facility.name)
    clean_facility_name = re.sub(r"\s+", " ", clean_facility_name).strip()
    hip_name = settings.HIP_NAME_PREFIX + clean_facility_name + settings.HIP_NAME_SUFFIX
    response = Facility().add_update_service(
        {
            "facilityId": health_facility.hf_id,
                and settings.ABDM_CLIENT_ID in data["error"].get("message")
                and "already associated" in data["error"].get("message")
            ):
                health_facility.registered = True
                health_facility.save()
                return [True, None]

            return [
                False,
                data["error"].get("message", "Error while registering HIP as service"),
            ]
        [registered, error] = register_health_facility_as_service(facility__external_id)

        if error:
            return Response({"detail": error}, status=400)

        return Response({"registered": registered})

diff --git a/care/abdm/api/viewsets/healthid.py b/care/abdm/api/viewsets/healthid.py
                    }
                )
            except Exception as e:
                logger.warning(
                    f"Error: ABDMHealthIDViewSet::link_via_qr failed to fetch modes. Reason: {e}",
                    exc_info=True,
                )
                }
            )
        except Exception as e:
            logger.warning(
                f"Error: ABDMHealthIDViewSet::get_new_linking_token failed to fetch modes. Reason: {e}",
                exc_info=True,
            )
                }
            )
        except Exception as e:
            logger.warning(
                f"Error: ABDMHealthIDViewSet::add_care_context failed. Reason: {e}",
                exc_info=True,
            )
                }
            )
        except Exception as e:
            logger.warning(
                f"Error: ABDMHealthIDViewSet::patient_sms_notify failed to send SMS. Reason: {e}",
                exc_info=True,
            )
	try:
	AbdmGateway().init(data["resp"]["requestId"])
	except Exception as e:
	logger.warning(
Check warning on line 31 in care/abdm/api/viewsets/auth.py Codecov / codecov/patch care/abdm/api/viewsets/auth.py#L31 `Added line #L31 was not covered by tests`
	f"Error: OnFetchView::post failed while initialising ABDM Gateway, Reason: {e}",
	exc_info=True,
	)
	return Response(
Check warning on line 35 in care/abdm/api/viewsets/auth.py Codecov / codecov/patch care/abdm/api/viewsets/auth.py#L35 `Added line #L35 was not covered by tests`
	{"detail": "Error: Initialising ABDM Gateway failed."},
	status=status.HTTP_400_BAD_REQUEST,
	)
	}
	)
	except Exception as e:
	logger.warning(
Check warning on line 359 in care/abdm/api/viewsets/auth.py Codecov / codecov/patch care/abdm/api/viewsets/auth.py#L359 `Added line #L359 was not covered by tests`
	f"Error: RequestDataView::post failed to notify (health-information/notify). Reason: {e}",
	exc_info=True,
	)
	if health_facility.registered:
	return [True, None]

	clean_facility_name = re.sub(r"[^A-Za-z0-9 ]+", " ", health_facility.facility.name)
	clean_facility_name = re.sub(r"\s+", " ", clean_facility_name).strip()
	hip_name = settings.HIP_NAME_PREFIX + clean_facility_name + settings.HIP_NAME_SUFFIX
Check warning on line 37 in care/abdm/api/viewsets/health_facility.py Codecov / codecov/patch care/abdm/api/viewsets/health_facility.py#L35-L37 `Added lines #L35 - L37 were not covered by tests`
	response = Facility().add_update_service(
	{
	"facilityId": health_facility.hf_id,
	and settings.ABDM_CLIENT_ID in data["error"].get("message")
	and "already associated" in data["error"].get("message")
	):
	health_facility.registered = True
	health_facility.save()
	return [True, None]
Check warning on line 65 in care/abdm/api/viewsets/health_facility.py Codecov / codecov/patch care/abdm/api/viewsets/health_facility.py#L63-L65 `Added lines #L63 - L65 were not covered by tests`

	return [
Check warning on line 67 in care/abdm/api/viewsets/health_facility.py Codecov / codecov/patch care/abdm/api/viewsets/health_facility.py#L67 `Added line #L67 was not covered by tests`
	False,
	data["error"].get("message", "Error while registering HIP as service"),
	]
	[registered, error] = register_health_facility_as_service(facility__external_id)

	if error:
	return Response({"detail": error}, status=400)
Check warning on line 103 in care/abdm/api/viewsets/health_facility.py Codecov / codecov/patch care/abdm/api/viewsets/health_facility.py#L103 `Added line #L103 was not covered by tests`

	return Response({"registered": registered})
	}
	)
	except Exception as e:
	logger.warning(
Check warning on line 369 in care/abdm/api/viewsets/healthid.py Codecov / codecov/patch care/abdm/api/viewsets/healthid.py#L369 `Added line #L369 was not covered by tests`
	f"Error: ABDMHealthIDViewSet::link_via_qr failed to fetch modes. Reason: {e}",
	exc_info=True,
	)
	}
	)
	except Exception as e:
	logger.warning(
Check warning on line 431 in care/abdm/api/viewsets/healthid.py Codecov / codecov/patch care/abdm/api/viewsets/healthid.py#L431 `Added line #L431 was not covered by tests`
	f"Error: ABDMHealthIDViewSet::get_new_linking_token failed to fetch modes. Reason: {e}",
	exc_info=True,
	)
	}
	)
	except Exception as e:
	logger.warning(
Check warning on line 482 in care/abdm/api/viewsets/healthid.py Codecov / codecov/patch care/abdm/api/viewsets/healthid.py#L482 `Added line #L482 was not covered by tests`
	f"Error: ABDMHealthIDViewSet::add_care_context failed. Reason: {e}",
	exc_info=True,
	)
	}
	)
	except Exception as e:
	logger.warning(
Check warning on line 522 in care/abdm/api/viewsets/healthid.py Codecov / codecov/patch care/abdm/api/viewsets/healthid.py#L522 `Added line #L522 was not covered by tests`
	f"Error: ABDMHealthIDViewSet::patient_sms_notify failed to send SMS. Reason: {e}",
	exc_info=True,
	)